$6.2M of the funds stolen during the SagaEVM exploit has been deposited into Tornado Cash. The January 21 exploit involved a ...

The 11-year-old vulnerability likely impacts many devices that are no longer supported — and presents easy exploit even for ...

JFrog this week published an analysis of a vulnerability in Redis databases that may be more serious than initially thought following the discovery of a ...

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.

Flow published a post-incident report on January 6, 2026, discussing the root cause of its $3.9 million exploit. An attacker exploited a Cadence runtime type confusion vulnerability to forge tokens.

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

No reports of active exploitation … yet Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Fortinet has closed a critical FortiSIEM vulnerability. A proof-of-concept exploit increases the likelihood of attacks.

CVE-2026-20029 in Cisco ISE/ISE-PIC allows arbitrary file reads via malicious XML uploads Exploitation requires valid admin credentials; no workarounds exist—patching is the only fix PoC exploit ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Security experts are warning that ready-made code which exploits a recently announced Cisco Systems IOS operating system vulnerability is circulating and attacks using the exploit are taking place.